MONA Secure Multi Owner Data Sharing for Dynamic Groups in the Cloud K Bala Krishna, Mr Syed Mazharuddin & Mrs M Jhansi Lakshmi

(1)

ISSN No: 2348-4845

International Journal & Magazine of Engineering,

Technology, Management and Research

A Peer Reviewed Open Access International Journal

In this several trends are opening up the era of Cloud Computing, which are an Internet-based development and use of computer technology. Cloud Computing means more than simply saving on Information Technology implementation costs. Cloud Computing offers enormous opportunity for new innovation, and even disruption of entire industries. So Cloud computing is the long dreamed vision of computing as a utility, where data owners can remotely store their data in the cloud to enjoy on-demand high-quality applications and services from a shared pool of configurable computing resources.Cloud Computing is recognized as an alternative to traditional Information Technology (IT) due to its intrinsic resource-sharing and low-maintenance characteristics. In this cloud computing, the cloud service providers (CSPs), such as Amazon, are able to deliver various services to cloud computing users with the help of powerful datacenters.

By migrating the local data management systems into cloud servers, users can enjoy high-quality services and save significant investments on their local infrastructures, and one of the most fundamental services offered by cloud providers is data storage. Let us consider a practical data application. A company allows its staffs in the same group or department to store and share files in the cloud. Specifically, the cloud servers managed by cloud provid -ers are not fully trusted by us-ers while the data files stored in the cloud may be sensitive and confidential, such as business plans. To preserve data privacy, a basic solution is to encrypting data files, and then uploads the encrypted data into the cloud. Unfortunately, designing an efficient and secure data sharing scheme for groups in the cloud is not an easy task due to the following challenging is-sues. Many privacy techniques for data sharing on remote storage machines have been recommended. In these mod-els, the data owners store the encrypted data on untreated remote storage. After that they will share the respective decryption keys with the authorized users.

Abstract:

Storing data on remote cloud storage makes the mainte-nance affordable by data owners. The reliability and trust-worthiness of these remote storage locations is the main concern for data owners and cloud service providers. When multiple data owners are involved, the aspects of membership and data sharing need to be addressed. In this paper the author proposed efficient multi owner data shar -ing technique over cloud storage. The proposed scheme provides privacy and complexity while handling the data sharing over cloud. sharing data in a multi-owner man-ner while preserving data and identity privacy from an untrusted cloud is still a challenging issue, due to the fre-quent change of the membership. Meanwhile, the storage overhead and encryption computation cost o our scheme are independent with the number of revoked users. In ad-dition, we analyze the security of our scheme with rigor-ous proofs, and demonstrate the efficiency of our scheme in experiments. To resolve this problem recently the best efficient method MONA presented for secured multi own -er data sharing in howev-er we identified some limitations in that same approach in terms of reliability and scalabil-ity.

Keywords:

Data Sharing, Cloud Computing, Access Control, User Revocation.

INTRODUCTION:

Cloud computing is one of the greatest platforms which provide storage of data in very lesser cost and available for all time over the internet Cloud computing is Internet-based computing, whereby shared resources, software and information are provided to computers and devices on demand.

K.Bala Krishna

Department of CSE,

Global Institute of Engineering & Technology,Chilkur,RR District,

Telangana.

Mr.Syed.Mazharuddin

Assistant professor, Department of CSE,

Global Institute of Engineering & Technology,Chilkur,RR District,

Telangana.

Mrs. M.Jhansi Lakshmi

Associate professor, Head of the Department CSE, Global Institute of Engineering &

Technology,Chilkur,RR District, Telangana.

(2)

ISSN No: 2348-4845

A Peer Reviewed Open Access International Journal

RELATED WORK:

1) Plutus: Scalable Secure File Sharing on

Un-trusted Storage:

Plutus is a cryptographic storage system that enables se-cure file sharing without placing much trust on the file servers. In particular, it makes novel use of cryptographic primitives to protect and share files. Plutus features highly scalable key management while allowing individual us-ers to retain direct control over who gets access to their files. We explain the mechanisms in Plutus to reduce the number of cryptographic keys exchanged between users by using filegroups, distinguish file read and write access, handle user revocation efficiently, and allow an untrusted server to authorize file writes. We have built a prototype of Plutus on OpenAFS. Measurements of this prototype show that Plutus achieves strong security with overhead comparable to systems that encrypt all network traffic.

2) Sirius: Securing Remote Untrusted

Stor-age:

This paper presents SiRiUS, a secure file system designed to be layered over insecure network and P2P file systems such as NFS, CIFS, OceanStore, and Yahoo! Briefcase. SiRiUS assumes the network storage is untrusted and pro-vides its own read-write cryptographic access control for file level sharing. Key management and revocation is sim -ple with minimal out-of-band communication. File sys -tem freshness guarantees are supported by SiRiUS using hash tree constructions. SiRiUS contains a novel method of performing file random access in a cryptographic file system without the use of a block server. Extensions to SiRiUS include large scale group sharing using the NNL key revocation construction. Our implementation of SiR -iUS performs well relative to the underlying file system despite using cryptographic operations.

3) Improved Proxy Re-Encryption Schemes

with Applications to Secure Distributed

Stor-age:

In 1998, Blaze, Bleumer, and Strauss (BBS) proposed an application called atomic proxy re-encryption, in which a semitrusted proxy converts a ciphertext for Alice into a ciphertext for Bob without seeing the underlying plain-text.

This prevent the cloud service providers and intruders to access the encrypted data, as they don’t have the decrypt-ing keys. However the new data owner registration in the above said models reveals the identity of the new data owner to the others in the group. The new data owner has to take permission from other data owners in the group before generating a decrypting key. The proposed system identified the problems during multi owner data sharing and proposed an efficient protocols and cryptographic techniques for solving drawbacks in the traditional ap-proach.

In this it proposed an efficient and novel secure key pro -tocol for group key generation and using these key data owners can encrypt the all files. Suppose new user regis -ter into group the user need not to contact the data owner during the downloading of files and data can be encrypted with AES before uploading the data in to the cloud.we have seen many methods for secure data sharing in cloud computing, however most methods failed to achieve the efficient and as well as secure method for data sharing for groups. To provide the best solutions for the problems im-posed by existing methods, recently the new method was presented called as MONA .

(3)

ISSN No: 2348-4845

A Peer Reviewed Open Access International Journal

Bilinear Diffie-Hellman Exponent (PBDHE) assumption which can be viewed as a generalization of the BDHE assumption. Our next two constructions provide perfor -mance tradeoffs to achieve provable security respectively under the (weaker) decisional Bilinear-Diffie-Hellman Exponent and decisional Bilinear Diffie-Hellman as -sumptions.

PROBLEM STATEMENT:

To preserve data privacy, a basic solution is to encrypt data files, and then upload the encrypted data into the cloud. Unfortunately, designing an efficient and secure data sharing scheme for groups in the cloud is not an easy task. Data owners store the encrypted data files in untrust -ed storage and distribute the corresponding decryption keys only to authorized users. Thus, unauthorized users as well as storage servers cannot learn the content of the data files because they have no knowledge of the decryption keys. However, the complexities of user participation and revocation in these schemes are linearly increasing with the number of data owners and the number of revoked users, respectively.

DRAWBACK:

identity privacy is one of the most significant obstacles »

for the wide deployment of cloud computing. Without the guarantee of identity privacy, users may be unwilling to join in cloud computing systems because their real identi-ties could be easily disclosed to cloud providers and at-tackers. On the other hand, unconditional identity privacy may incur the abuse of privacy. For example, a misbe -haved staff can deceive others in the company by sharing false files without being traceable.

Only the group manager can store and modify data in »

the cloud

The changes of membership make secure data sharing »

extremely difficult the issue of user revocation is not ad -dressed.

PROBLEM DEFINITION:

1. We propose a secure multi-owner data sharing scheme. It implies that any user in the group can securely share data with others by the untrusted cloud.

2. Our proposed scheme is able to support dynamic groups efficiently. Specifically, new granted users can directly de -crypt data files uploaded before their participation with We predict that fast and secure re-encryption will become

increasingly popular as a method for managing encrypted file systems. Although efficiently computable, the wide-spread adoption of BBS re-encryption has been hindered by considerable security risks. Following recent work of Dodis and Ivan, we present new re-encryption schemes that realize a stronger notion of security and demonstrate the usefulness of proxy re-encryption as a method of add-ing access control to a secure file system. Performance measurements of our experimental file system demon -strate that proxy re-encryption can work effectively in practice.

4) Secure Provenance: The Essential of Bread

and Butter of Data Forensics in Cloud

Com-puting:

Secure provenance that records ownership and process history of data objects is vital to the success of data fo-rensics in cloud computing, yet it is still a challenging issue today. In this paper, to tackle this unexplored area in cloud computing, we proposed a new secure provenance scheme based on the bilinear pairing techniques. As the essential bread and butter of data forensics and post in-vestigation in cloud computing, the proposed scheme is characterized by providing the information confidential -ity on sensitive documents stored in cloud, anonymous authentication on user access, and provenance tracking on disputed documents. With the provable security tech-niques, we formally demonstrate the proposed scheme is secure in the standard model.

5) Ciphertext-Policy Attribute-Based

Encryp-tion: An Expressive, Efficient, and Provably

Secure Realization:

(4)

ISSN No: 2348-4845

A Peer Reviewed Open Access International Journal

6. User Revocation:

User revocation is performed by the group manager via a public available revocation list (RL), based on which group members can encrypt their data files and ensure the confidentiality against the revoked users.

CONCLUSION:

In this paper, we propose a secure data sharing scheme, for dynamic groups in an untreated cloud. A user is able to share data with others in the group without revealing identity privacy to the cloud. and additionally, Its supports efficient user revocation and new user joining. More spe -cially, efficient user revocation can be achieved through a public revocation list without updating the private keys of the remaining users, and new users can directly decrypt files stored in the cloud before their participation. How -ever, assuring and enhancing security and privacy prac-tices will attract more enterprises to world of the cloud computing In Thus to achieve the reliable and scalable MONA approach; in this paper we are presenting the new framework for MONA called as Reliable and Scalable MONA. Moreover, the storage overhead and the encryp -tion computa-tion cost are constant. Extensive analyses show that our proposed scheme satisfies the desired secu -rity requirements and guarantees efficiency as fine.

REFERENCES:

[1] M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R.H. Katz, A. Konwinski, G. Lee, D.A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “A View of Cloud Computing,” Comm. ACM, vol. 53, no. 4, pp. 50-58, Apr. 2010.

[2] S. Kamara and K. Lauter, “Cryptographic Cloud Stor -age,” Proc. Int’l Conf. Financial Cryptography and Data Security (FC), pp. 136-149, Jan. 2010.

[3] S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving Se -cure, Scalable, and Fine-Grained Data Access Control in Cloud Computing,” Proc. IEEE INFOCOM, pp. 534-542, 2010.

[4] M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K. Fu, “Plutus: Scalable Secure File Sharing on Un -trusted Storage,” Proc. USENIX Conf. File and Storage Technologies, pp. 29-42, 2003.

out contacting with data owners. User revocation can be easily achieved through a novel revocation list without updating the secret keys of the remaining users. The size and computation overhead of encryption are constant and independent with the number of revoked users.

2.Group Manager:

Group manager takes charge of followings, 1. System parameters generation,

2. User registration, 3. User revocation, and

4. Revealing the real identity of a dispute data owner. Therefore, we assume that the group manager is fully trusted by the other parties. The Group manager is the admin. The group manager has the logs of each and every process in the cloud. The group manager is responsible for user registration and also user revocation too.

3.Group Member:

Group members are a set of registered users that will 1.store their private data into the cloud server and 2.Share them with others in the group.

Note that, the group membership is dynamically changed, due to the staff resignation and new employee participa-tion in the company. The group member has the owner-ship of changing the files in the group. Whoever in the group can view the files which are uploaded in their group and also modify it. The group meme

4.File Security:

1. Encrypting the data file.

2. File stored in the cloud can be deleted by either the group manager or the data owner.

(i.e., the member who uploaded the file into the server).

5.Group Signature:

(5)

ISSN No: 2348-4845

A Peer Reviewed Open Access International Journal

[11] D. Boneh and M. Franklin, “Identity-Based Encryp -tion from the Weil Pairing,” Proc. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO), pp. 213-229, 2001.

[12] D. Boneh, X. Boyen, and H. Shacham, “Short Group Signature,” Proc. Int’l Cryptology Conf. Advances in Cryptology (CRYPTO), pp. 41-55, 2004.

[13] D. Boneh, X. Boyen, and E. Goh, “Hierarchical Identity Based Encryption with Constant Size Cipher-text,” Proc. Ann. Int’l Conf. Theory and Applications of Cryptographic Techniques (EUROCRYPT), pp. 440-456, 2005.

[14] C. Delerablee, P. Paillier, and D. Pointcheval, “Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys,” Proc. First Int’l Conf. Pairing-Based Cryptography, pp. 39-59, 2007.

[15] D. Chaum and E. van Heyst, “Group Signatures,” Proc. Int’l Conf. Theory and Applications of Crypto-graphic Techniques (EUROCRYPT), pp. 257-265, 1991.

[16] A. Fiat and M. Naor, “Broadcast Encryption,” Proc. Int’l Cryptology Conf. Advances in Cryptology (CRYP -TO), pp. 480-491, 1993.

[17] B. Wang, B. Li, and H. Li, “Knox: Privacy-Preserv -ing Audit-ing for Shared Data with Large Groups in the Cloud,” Proc. 10th Int’l Conf. Applied Cryptography and Network Security, pp. 507-525, 2012.

[5] E. Goh, H. Shacham, N. Modadugu, and D. Boneh, “Sirius: Securing Remote Untrusted Storage,” Proc. Net -work and Distributed Systems Security Symp. (NDSS), pp. 131-145, 2003.

[6] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, “Improved Proxy Re-Encryption Schemes with Applica-tions to Secure Distributed Storage,” Proc. Network and Distributed Systems Security Symp. (NDSS), pp. 29-43, 2005.

[7] R. Lu, X. Lin, X. Liang, and X. Shen, “Secure Prov -enance: The Essential of Bread and Butter of Data Foren -sics in Cloud Computing,” Proc. ACM Symp. Informa-tion, Computer and Comm. Security, pp. 282-292, 2010.

[8] B. Waters, “Ciphertext-Policy Attribute-Based En-cryption: An Expressive, Efficient, and Provably Secure Realization,” Proc. Int’l Conf. Practice and Theory in Public Key Cryptography Conf. Public Key Cryptogra -phy, http://eprint.iacr.org/2008/290.pdf, 2008.

[9] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “At -tribute-Based Encryption for Fine-Grained Access Con -trol of Encrypted Data,” Proc. ACM Conf. Computer and Comm. Security (CCS), pp. 89-98, 2006.

[10] D. Naor, M. Naor, and J.B. Lotspiech, “Revocation and Tracing Schemes for Stateless Receivers,” Proc. Ann. Int’l Cryptology Conf. Advances in Cryptology (CRYP -TO), pp. 41-62, 2001.